Core Update 166: Drop orphaned convert-ovpn script
Commit Message
This script only appeared in conjunction with Core Update 75, released
January 2014. Although it is still being executed while restoring a
backup, it would only be effective if anyone tried to restore a backup
created before C75.
I don't think there is a realistic need to carry this script along any
further. In doubt, it might be better to start from scratch again rather
than trying to restore an 8 year old backup, expecting everything to be
peachy and vanilla with it.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
---
config/backup/backup.pl | 5 +--
config/rootfiles/common/aarch64/stage2 | 1 -
config/rootfiles/common/armv6l/stage2 | 1 -
config/rootfiles/common/x86_64/stage2 | 1 -
config/rootfiles/core/166/update.sh | 1 +
src/scripts/convert-ovpn | 60 --------------------------
6 files changed, 2 insertions(+), 67 deletions(-)
delete mode 100755 src/scripts/convert-ovpn
Comments
Hello,
Yes, I agree with the patch.
A backup from that long ago should definitely create lots of other problems, too.
Should we create some mechanism that makes it impossible to restore a backup file that is older than t0?
-Michael
> On 21 Mar 2022, at 13:30, Peter Müller <peter.mueller@ipfire.org> wrote:
>
> This script only appeared in conjunction with Core Update 75, released
> January 2014. Although it is still being executed while restoring a
> backup, it would only be effective if anyone tried to restore a backup
> created before C75.
>
> I don't think there is a realistic need to carry this script along any
> further. In doubt, it might be better to start from scratch again rather
> than trying to restore an 8 year old backup, expecting everything to be
> peachy and vanilla with it.
>
> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
> ---
> config/backup/backup.pl | 5 +--
> config/rootfiles/common/aarch64/stage2 | 1 -
> config/rootfiles/common/armv6l/stage2 | 1 -
> config/rootfiles/common/x86_64/stage2 | 1 -
> config/rootfiles/core/166/update.sh | 1 +
> src/scripts/convert-ovpn | 60 --------------------------
> 6 files changed, 2 insertions(+), 67 deletions(-)
> delete mode 100755 src/scripts/convert-ovpn
>
> diff --git a/config/backup/backup.pl b/config/backup/backup.pl
> index a2337cf23..1582789b6 100644
> --- a/config/backup/backup.pl
> +++ b/config/backup/backup.pl
> @@ -2,7 +2,7 @@
> ###############################################################################
> # #
> # IPFire.org - A linux based firewall #
> -# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org> #
> +# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
> # #
> # This program is free software: you can redistribute it and/or modify #
> # it under the terms of the GNU General Public License as published by #
> @@ -153,9 +153,6 @@ restore_backup() {
> # Reload firewall
> firewallctrl
>
> - # Convert old OpenVPN CCD files (CN change, Core Update 75)
> - convert-ovpn
> -
> # Snort to suricata converter.
> if [ -d "/var/ipfire/snort" ]; then
> # Run converter
> diff --git a/config/rootfiles/common/aarch64/stage2 b/config/rootfiles/common/aarch64/stage2
> index e7eae625c..352c704d4 100644
> --- a/config/rootfiles/common/aarch64/stage2
> +++ b/config/rootfiles/common/aarch64/stage2
> @@ -92,7 +92,6 @@ usr/local/bin/backupiso
> usr/local/bin/connscheduler
> usr/local/bin/consort.sh
> usr/local/bin/convert-dns-settings
> -usr/local/bin/convert-ovpn
> usr/local/bin/convert-to-location
> usr/local/bin/filesystem-cleanup
> usr/local/bin/hddshutdown
> diff --git a/config/rootfiles/common/armv6l/stage2 b/config/rootfiles/common/armv6l/stage2
> index 670a99927..198461a01 100644
> --- a/config/rootfiles/common/armv6l/stage2
> +++ b/config/rootfiles/common/armv6l/stage2
> @@ -90,7 +90,6 @@ usr/local/bin/backupiso
> usr/local/bin/connscheduler
> usr/local/bin/consort.sh
> usr/local/bin/convert-dns-settings
> -usr/local/bin/convert-ovpn
> usr/local/bin/convert-to-location
> usr/local/bin/filesystem-cleanup
> usr/local/bin/hddshutdown
> diff --git a/config/rootfiles/common/x86_64/stage2 b/config/rootfiles/common/x86_64/stage2
> index d07c264b4..b03a7fecf 100644
> --- a/config/rootfiles/common/x86_64/stage2
> +++ b/config/rootfiles/common/x86_64/stage2
> @@ -92,7 +92,6 @@ usr/local/bin/backupiso
> usr/local/bin/connscheduler
> usr/local/bin/consort.sh
> usr/local/bin/convert-dns-settings
> -usr/local/bin/convert-ovpn
> usr/local/bin/convert-to-location
> usr/local/bin/filesystem-cleanup
> usr/local/bin/hddshutdown
> diff --git a/config/rootfiles/core/166/update.sh b/config/rootfiles/core/166/update.sh
> index 1370555b0..99bbe40f4 100644
> --- a/config/rootfiles/core/166/update.sh
> +++ b/config/rootfiles/core/166/update.sh
> @@ -37,6 +37,7 @@ rm -vf \
> /opt/pakfire/pakfire-2007.key \
> /usr/bin/mkinitrd \
> /usr/lib/dracut \
> + /usr/local/bin/convert-ovpn \
> /usr/local/bin/ovpn-ccd-convert \
> /usr/local/bin/rebuild-initrd
>
> diff --git a/src/scripts/convert-ovpn b/src/scripts/convert-ovpn
> deleted file mode 100755
> index 30e754326..000000000
> --- a/src/scripts/convert-ovpn
> +++ /dev/null
> @@ -1,60 +0,0 @@
> -#!/usr/bin/perl
> -
> -###############################################################################
> -# #
> -# IPFire.org - A linux based firewall #
> -# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
> -# #
> -# This program is free software: you can redistribute it and/or modify #
> -# it under the terms of the GNU General Public License as published by #
> -# the Free Software Foundation, either version 3 of the License, or #
> -# (at your option) any later version. #
> -# #
> -# This program is distributed in the hope that it will be useful, #
> -# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> -# GNU General Public License for more details. #
> -# #
> -# You should have received a copy of the GNU General Public License #
> -# along with this program. If not, see <http://www.gnu.org/licenses/>. #
> -# #
> -###############################################################################
> -# #
> -# This script converts old openvpn ccd files with underscore #
> -# to files with spaces to make them working with openvpn 2.3 again #
> -# STEP1: read ovpnconfig and verify cert names #
> -# STEP2: if neccessary convert ccd file #
> -# #
> -###############################################################################
> -
> -require '/var/ipfire/general-functions.pl';
> -
> -my %configovpn=();
> -my $ccdpath="/var/ipfire/ovpn/ccd/";
> -my $ovpnconfig="/var/ipfire/ovpn/ovpnconfig";
> -
> -&General::readhasharray ($ovpnconfig,\%configovpn);
> -
> -&check_config();
> -
> -sub check_config {
> - print "Converting CCD files...\n";
> - chdir($ccdpath);
> -
> - foreach my $key (sort keys %configovpn){
> - # Skip everything else but roadwarrior connections.
> - next if ($configovpn{$key}[3] ne 'host');
> -
> - # Skip all connections with no space in the CN name.
> - next if ($configovpn{$key}[2] !~ " ");
> -
> - my $ccdname = $configovpn{$key}[2];
> - $ccdname =~ tr/ /_/;
> -
> - # Rename the CCD file if one with the old format exists.
> - if (-e "$ccdname") {
> - print " Renaming $ccdname -> $configovpn{$key}[2]...\n";
> - rename($ccdname, $configovpn{$key}[2]);
> - }
> - }
> -}
> --
> 2.34.1
Hello Michael,
> Hello,
>
> Yes, I agree with the patch.
>
> A backup from that long ago should definitely create lots of other problems, too.
>
> Should we create some mechanism that makes it impossible to restore a backup file that is older than t0?
I think so, but don't know how to do this. :-)
Do we have /etc/os-release or something similar in a backup where we can grep the release
information from? Or is there a more elegant approach to this?
Thanks, and best regards,
Peter Müller
>
> -Michael
>
>> On 21 Mar 2022, at 13:30, Peter Müller <peter.mueller@ipfire.org> wrote:
>>
>> This script only appeared in conjunction with Core Update 75, released
>> January 2014. Although it is still being executed while restoring a
>> backup, it would only be effective if anyone tried to restore a backup
>> created before C75.
>>
>> I don't think there is a realistic need to carry this script along any
>> further. In doubt, it might be better to start from scratch again rather
>> than trying to restore an 8 year old backup, expecting everything to be
>> peachy and vanilla with it.
>>
>> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
>> ---
>> config/backup/backup.pl | 5 +--
>> config/rootfiles/common/aarch64/stage2 | 1 -
>> config/rootfiles/common/armv6l/stage2 | 1 -
>> config/rootfiles/common/x86_64/stage2 | 1 -
>> config/rootfiles/core/166/update.sh | 1 +
>> src/scripts/convert-ovpn | 60 --------------------------
>> 6 files changed, 2 insertions(+), 67 deletions(-)
>> delete mode 100755 src/scripts/convert-ovpn
>>
>> diff --git a/config/backup/backup.pl b/config/backup/backup.pl
>> index a2337cf23..1582789b6 100644
>> --- a/config/backup/backup.pl
>> +++ b/config/backup/backup.pl
>> @@ -2,7 +2,7 @@
>> ###############################################################################
>> # #
>> # IPFire.org - A linux based firewall #
>> -# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org> #
>> +# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
>> # #
>> # This program is free software: you can redistribute it and/or modify #
>> # it under the terms of the GNU General Public License as published by #
>> @@ -153,9 +153,6 @@ restore_backup() {
>> # Reload firewall
>> firewallctrl
>>
>> - # Convert old OpenVPN CCD files (CN change, Core Update 75)
>> - convert-ovpn
>> -
>> # Snort to suricata converter.
>> if [ -d "/var/ipfire/snort" ]; then
>> # Run converter
>> diff --git a/config/rootfiles/common/aarch64/stage2 b/config/rootfiles/common/aarch64/stage2
>> index e7eae625c..352c704d4 100644
>> --- a/config/rootfiles/common/aarch64/stage2
>> +++ b/config/rootfiles/common/aarch64/stage2
>> @@ -92,7 +92,6 @@ usr/local/bin/backupiso
>> usr/local/bin/connscheduler
>> usr/local/bin/consort.sh
>> usr/local/bin/convert-dns-settings
>> -usr/local/bin/convert-ovpn
>> usr/local/bin/convert-to-location
>> usr/local/bin/filesystem-cleanup
>> usr/local/bin/hddshutdown
>> diff --git a/config/rootfiles/common/armv6l/stage2 b/config/rootfiles/common/armv6l/stage2
>> index 670a99927..198461a01 100644
>> --- a/config/rootfiles/common/armv6l/stage2
>> +++ b/config/rootfiles/common/armv6l/stage2
>> @@ -90,7 +90,6 @@ usr/local/bin/backupiso
>> usr/local/bin/connscheduler
>> usr/local/bin/consort.sh
>> usr/local/bin/convert-dns-settings
>> -usr/local/bin/convert-ovpn
>> usr/local/bin/convert-to-location
>> usr/local/bin/filesystem-cleanup
>> usr/local/bin/hddshutdown
>> diff --git a/config/rootfiles/common/x86_64/stage2 b/config/rootfiles/common/x86_64/stage2
>> index d07c264b4..b03a7fecf 100644
>> --- a/config/rootfiles/common/x86_64/stage2
>> +++ b/config/rootfiles/common/x86_64/stage2
>> @@ -92,7 +92,6 @@ usr/local/bin/backupiso
>> usr/local/bin/connscheduler
>> usr/local/bin/consort.sh
>> usr/local/bin/convert-dns-settings
>> -usr/local/bin/convert-ovpn
>> usr/local/bin/convert-to-location
>> usr/local/bin/filesystem-cleanup
>> usr/local/bin/hddshutdown
>> diff --git a/config/rootfiles/core/166/update.sh b/config/rootfiles/core/166/update.sh
>> index 1370555b0..99bbe40f4 100644
>> --- a/config/rootfiles/core/166/update.sh
>> +++ b/config/rootfiles/core/166/update.sh
>> @@ -37,6 +37,7 @@ rm -vf \
>> /opt/pakfire/pakfire-2007.key \
>> /usr/bin/mkinitrd \
>> /usr/lib/dracut \
>> + /usr/local/bin/convert-ovpn \
>> /usr/local/bin/ovpn-ccd-convert \
>> /usr/local/bin/rebuild-initrd
>>
>> diff --git a/src/scripts/convert-ovpn b/src/scripts/convert-ovpn
>> deleted file mode 100755
>> index 30e754326..000000000
>> --- a/src/scripts/convert-ovpn
>> +++ /dev/null
>> @@ -1,60 +0,0 @@
>> -#!/usr/bin/perl
>> -
>> -###############################################################################
>> -# #
>> -# IPFire.org - A linux based firewall #
>> -# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
>> -# #
>> -# This program is free software: you can redistribute it and/or modify #
>> -# it under the terms of the GNU General Public License as published by #
>> -# the Free Software Foundation, either version 3 of the License, or #
>> -# (at your option) any later version. #
>> -# #
>> -# This program is distributed in the hope that it will be useful, #
>> -# but WITHOUT ANY WARRANTY; without even the implied warranty of #
>> -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
>> -# GNU General Public License for more details. #
>> -# #
>> -# You should have received a copy of the GNU General Public License #
>> -# along with this program. If not, see <http://www.gnu.org/licenses/>. #
>> -# #
>> -###############################################################################
>> -# #
>> -# This script converts old openvpn ccd files with underscore #
>> -# to files with spaces to make them working with openvpn 2.3 again #
>> -# STEP1: read ovpnconfig and verify cert names #
>> -# STEP2: if neccessary convert ccd file #
>> -# #
>> -###############################################################################
>> -
>> -require '/var/ipfire/general-functions.pl';
>> -
>> -my %configovpn=();
>> -my $ccdpath="/var/ipfire/ovpn/ccd/";
>> -my $ovpnconfig="/var/ipfire/ovpn/ovpnconfig";
>> -
>> -&General::readhasharray ($ovpnconfig,\%configovpn);
>> -
>> -&check_config();
>> -
>> -sub check_config {
>> - print "Converting CCD files...\n";
>> - chdir($ccdpath);
>> -
>> - foreach my $key (sort keys %configovpn){
>> - # Skip everything else but roadwarrior connections.
>> - next if ($configovpn{$key}[3] ne 'host');
>> -
>> - # Skip all connections with no space in the CN name.
>> - next if ($configovpn{$key}[2] !~ " ");
>> -
>> - my $ccdname = $configovpn{$key}[2];
>> - $ccdname =~ tr/ /_/;
>> -
>> - # Rename the CCD file if one with the old format exists.
>> - if (-e "$ccdname") {
>> - print " Renaming $ccdname -> $configovpn{$key}[2]...\n";
>> - rename($ccdname, $configovpn{$key}[2]);
>> - }
>> - }
>> -}
>> --
>> 2.34.1
>
Hello,
> On 31 Mar 2022, at 10:47, Peter Müller <peter.mueller@ipfire.org> wrote:
>
> Hello Michael,
>
>> Hello,
>>
>> Yes, I agree with the patch.
>>
>> A backup from that long ago should definitely create lots of other problems, too.
>>
>> Should we create some mechanism that makes it impossible to restore a backup file that is older than t0?
>
> I think so, but don't know how to do this. :-)
>
> Do we have /etc/os-release or something similar in a backup where we can grep the release
> information from? Or is there a more elegant approach to this?
Yes, something like this. A special file with some meta information that we can check.
Unfortunately /etc/os-release is not part of the backup so far. We could either use that or create something new like “.backup” that is the first file in the tarball.
You can read it like this then:
[root@fw01 ~]# tar Oxf /var/ipfire/backup/2022-03-29-13\:16.ipf etc/sysconfig/modules
########################################################################
# Begin /etc/sysconfig/modules
#
# Description : Module auto-loading configuration
#
...
# End /etc/sysconfig/modules
I just picked a random file here. So don’t get confused by that.
-Michael
>
> Thanks, and best regards,
> Peter Müller
>
>>
>> -Michael
>>
>>> On 21 Mar 2022, at 13:30, Peter Müller <peter.mueller@ipfire.org> wrote:
>>>
>>> This script only appeared in conjunction with Core Update 75, released
>>> January 2014. Although it is still being executed while restoring a
>>> backup, it would only be effective if anyone tried to restore a backup
>>> created before C75.
>>>
>>> I don't think there is a realistic need to carry this script along any
>>> further. In doubt, it might be better to start from scratch again rather
>>> than trying to restore an 8 year old backup, expecting everything to be
>>> peachy and vanilla with it.
>>>
>>> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
>>> ---
>>> config/backup/backup.pl | 5 +--
>>> config/rootfiles/common/aarch64/stage2 | 1 -
>>> config/rootfiles/common/armv6l/stage2 | 1 -
>>> config/rootfiles/common/x86_64/stage2 | 1 -
>>> config/rootfiles/core/166/update.sh | 1 +
>>> src/scripts/convert-ovpn | 60 --------------------------
>>> 6 files changed, 2 insertions(+), 67 deletions(-)
>>> delete mode 100755 src/scripts/convert-ovpn
>>>
>>> diff --git a/config/backup/backup.pl b/config/backup/backup.pl
>>> index a2337cf23..1582789b6 100644
>>> --- a/config/backup/backup.pl
>>> +++ b/config/backup/backup.pl
>>> @@ -2,7 +2,7 @@
>>> ###############################################################################
>>> # #
>>> # IPFire.org - A linux based firewall #
>>> -# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org> #
>>> +# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
>>> # #
>>> # This program is free software: you can redistribute it and/or modify #
>>> # it under the terms of the GNU General Public License as published by #
>>> @@ -153,9 +153,6 @@ restore_backup() {
>>> # Reload firewall
>>> firewallctrl
>>>
>>> - # Convert old OpenVPN CCD files (CN change, Core Update 75)
>>> - convert-ovpn
>>> -
>>> # Snort to suricata converter.
>>> if [ -d "/var/ipfire/snort" ]; then
>>> # Run converter
>>> diff --git a/config/rootfiles/common/aarch64/stage2 b/config/rootfiles/common/aarch64/stage2
>>> index e7eae625c..352c704d4 100644
>>> --- a/config/rootfiles/common/aarch64/stage2
>>> +++ b/config/rootfiles/common/aarch64/stage2
>>> @@ -92,7 +92,6 @@ usr/local/bin/backupiso
>>> usr/local/bin/connscheduler
>>> usr/local/bin/consort.sh
>>> usr/local/bin/convert-dns-settings
>>> -usr/local/bin/convert-ovpn
>>> usr/local/bin/convert-to-location
>>> usr/local/bin/filesystem-cleanup
>>> usr/local/bin/hddshutdown
>>> diff --git a/config/rootfiles/common/armv6l/stage2 b/config/rootfiles/common/armv6l/stage2
>>> index 670a99927..198461a01 100644
>>> --- a/config/rootfiles/common/armv6l/stage2
>>> +++ b/config/rootfiles/common/armv6l/stage2
>>> @@ -90,7 +90,6 @@ usr/local/bin/backupiso
>>> usr/local/bin/connscheduler
>>> usr/local/bin/consort.sh
>>> usr/local/bin/convert-dns-settings
>>> -usr/local/bin/convert-ovpn
>>> usr/local/bin/convert-to-location
>>> usr/local/bin/filesystem-cleanup
>>> usr/local/bin/hddshutdown
>>> diff --git a/config/rootfiles/common/x86_64/stage2 b/config/rootfiles/common/x86_64/stage2
>>> index d07c264b4..b03a7fecf 100644
>>> --- a/config/rootfiles/common/x86_64/stage2
>>> +++ b/config/rootfiles/common/x86_64/stage2
>>> @@ -92,7 +92,6 @@ usr/local/bin/backupiso
>>> usr/local/bin/connscheduler
>>> usr/local/bin/consort.sh
>>> usr/local/bin/convert-dns-settings
>>> -usr/local/bin/convert-ovpn
>>> usr/local/bin/convert-to-location
>>> usr/local/bin/filesystem-cleanup
>>> usr/local/bin/hddshutdown
>>> diff --git a/config/rootfiles/core/166/update.sh b/config/rootfiles/core/166/update.sh
>>> index 1370555b0..99bbe40f4 100644
>>> --- a/config/rootfiles/core/166/update.sh
>>> +++ b/config/rootfiles/core/166/update.sh
>>> @@ -37,6 +37,7 @@ rm -vf \
>>> /opt/pakfire/pakfire-2007.key \
>>> /usr/bin/mkinitrd \
>>> /usr/lib/dracut \
>>> + /usr/local/bin/convert-ovpn \
>>> /usr/local/bin/ovpn-ccd-convert \
>>> /usr/local/bin/rebuild-initrd
>>>
>>> diff --git a/src/scripts/convert-ovpn b/src/scripts/convert-ovpn
>>> deleted file mode 100755
>>> index 30e754326..000000000
>>> --- a/src/scripts/convert-ovpn
>>> +++ /dev/null
>>> @@ -1,60 +0,0 @@
>>> -#!/usr/bin/perl
>>> -
>>> -###############################################################################
>>> -# #
>>> -# IPFire.org - A linux based firewall #
>>> -# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
>>> -# #
>>> -# This program is free software: you can redistribute it and/or modify #
>>> -# it under the terms of the GNU General Public License as published by #
>>> -# the Free Software Foundation, either version 3 of the License, or #
>>> -# (at your option) any later version. #
>>> -# #
>>> -# This program is distributed in the hope that it will be useful, #
>>> -# but WITHOUT ANY WARRANTY; without even the implied warranty of #
>>> -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
>>> -# GNU General Public License for more details. #
>>> -# #
>>> -# You should have received a copy of the GNU General Public License #
>>> -# along with this program. If not, see <http://www.gnu.org/licenses/>. #
>>> -# #
>>> -###############################################################################
>>> -# #
>>> -# This script converts old openvpn ccd files with underscore #
>>> -# to files with spaces to make them working with openvpn 2.3 again #
>>> -# STEP1: read ovpnconfig and verify cert names #
>>> -# STEP2: if neccessary convert ccd file #
>>> -# #
>>> -###############################################################################
>>> -
>>> -require '/var/ipfire/general-functions.pl';
>>> -
>>> -my %configovpn=();
>>> -my $ccdpath="/var/ipfire/ovpn/ccd/";
>>> -my $ovpnconfig="/var/ipfire/ovpn/ovpnconfig";
>>> -
>>> -&General::readhasharray ($ovpnconfig,\%configovpn);
>>> -
>>> -&check_config();
>>> -
>>> -sub check_config {
>>> - print "Converting CCD files...\n";
>>> - chdir($ccdpath);
>>> -
>>> - foreach my $key (sort keys %configovpn){
>>> - # Skip everything else but roadwarrior connections.
>>> - next if ($configovpn{$key}[3] ne 'host');
>>> -
>>> - # Skip all connections with no space in the CN name.
>>> - next if ($configovpn{$key}[2] !~ " ");
>>> -
>>> - my $ccdname = $configovpn{$key}[2];
>>> - $ccdname =~ tr/ /_/;
>>> -
>>> - # Rename the CCD file if one with the old format exists.
>>> - if (-e "$ccdname") {
>>> - print " Renaming $ccdname -> $configovpn{$key}[2]...\n";
>>> - rename($ccdname, $configovpn{$key}[2]);
>>> - }
>>> - }
>>> -}
>>> --
>>> 2.34.1
>>
@@ -2,7 +2,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -153,9 +153,6 @@ restore_backup() {
# Reload firewall
firewallctrl
- # Convert old OpenVPN CCD files (CN change, Core Update 75)
- convert-ovpn
-
# Snort to suricata converter.
if [ -d "/var/ipfire/snort" ]; then
# Run converter
@@ -92,7 +92,6 @@ usr/local/bin/backupiso
usr/local/bin/connscheduler
usr/local/bin/consort.sh
usr/local/bin/convert-dns-settings
-usr/local/bin/convert-ovpn
usr/local/bin/convert-to-location
usr/local/bin/filesystem-cleanup
usr/local/bin/hddshutdown
@@ -90,7 +90,6 @@ usr/local/bin/backupiso
usr/local/bin/connscheduler
usr/local/bin/consort.sh
usr/local/bin/convert-dns-settings
-usr/local/bin/convert-ovpn
usr/local/bin/convert-to-location
usr/local/bin/filesystem-cleanup
usr/local/bin/hddshutdown
@@ -92,7 +92,6 @@ usr/local/bin/backupiso
usr/local/bin/connscheduler
usr/local/bin/consort.sh
usr/local/bin/convert-dns-settings
-usr/local/bin/convert-ovpn
usr/local/bin/convert-to-location
usr/local/bin/filesystem-cleanup
usr/local/bin/hddshutdown
@@ -37,6 +37,7 @@ rm -vf \
/opt/pakfire/pakfire-2007.key \
/usr/bin/mkinitrd \
/usr/lib/dracut \
+ /usr/local/bin/convert-ovpn \
/usr/local/bin/ovpn-ccd-convert \
/usr/local/bin/rebuild-initrd
deleted file mode 100755
@@ -1,60 +0,0 @@
-#!/usr/bin/perl
-
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-# #
-# This script converts old openvpn ccd files with underscore #
-# to files with spaces to make them working with openvpn 2.3 again #
-# STEP1: read ovpnconfig and verify cert names #
-# STEP2: if neccessary convert ccd file #
-# #
-###############################################################################
-
-require '/var/ipfire/general-functions.pl';
-
-my %configovpn=();
-my $ccdpath="/var/ipfire/ovpn/ccd/";
-my $ovpnconfig="/var/ipfire/ovpn/ovpnconfig";
-
-&General::readhasharray ($ovpnconfig,\%configovpn);
-
-&check_config();
-
-sub check_config {
- print "Converting CCD files...\n";
- chdir($ccdpath);
-
- foreach my $key (sort keys %configovpn){
- # Skip everything else but roadwarrior connections.
- next if ($configovpn{$key}[3] ne 'host');
-
- # Skip all connections with no space in the CN name.
- next if ($configovpn{$key}[2] !~ " ");
-
- my $ccdname = $configovpn{$key}[2];
- $ccdname =~ tr/ /_/;
-
- # Rename the CCD file if one with the old format exists.
- if (-e "$ccdname") {
- print " Renaming $ccdname -> $configovpn{$key}[2]...\n";
- rename($ccdname, $configovpn{$key}[2]);
- }
- }
-}